Mac*_*cke 2 php ssl soap-client soapfault
当使用php对https soap服务器执行soap请求时:s SoapClient失败并带有SoapFault:
faultstring: Could not connect to host faultcode: HTTP
我必须确保soap服务器ssl证书有效,所以我正在使用
<?php
$soap=new SoapClient("mwsdl.wsdl"
,array(
"location"=>"https:examplesoapserver.com"
,"trace"=>1
,"stream_context"=>stream_context_create(array(
"ssl"=>array(
"verify_peer"=>true
,"allow_self_signed"=>false
)
)
)
)
);
但这给了我SoapFault.
我测试了不同的设置:
OK location: has self-signed certificate verify_peer=>true allow_self_signed=>true
OK (without setting verify_peer) location: has self-signed certificate allow_self_signed=>false
NOT OK location: has self-signed certificate verify_peer=>true allow_self_signed=>false
OK (without setting verify_peer) location: ca-signed certificate allow_self_signed=>false
NOT OK location: ca-signed certificate verify_peer=>true allow_self_signed=>false
我有:
php version: 5.3.3 CentOS 6.4 Apache/2.2.15
如果它有助于解决问题,请询问更多细节.
预先感谢您的任何帮助!
问题是php默认使用不安全的设置来处理https请求.它不会验证证书或检查证书中的域是否正确.
您还必须自己下载用于验证证书的文件.
您可以在http://curl.haxx.se/ca/cacert.pem下载一个
正确处理它们的设置是
<?php
$client = new SoapClient("my-wsdlfile.wsdl"
,array(
"location"=>"https://examplesoapserver.com"
,"stream_context"=>stream_context_create(
array(
"ssl"=>array(
"verify_peer"=>true
,"allow_self_signed"=>false
,"cafile"=>"path/to/cacert.pem"
,"verify_depth"=>5
,"CN_match"=>"examplesoapserver.com"
)
)
)
)
);
其他可以使用https(例如file_get_contents)的PHP函数存在同样的问题,因此使其安全的相同解决方案应该有效.
默认情况下,CURL具有安全设置,因此如果可能,它更容易使用它.
这是一个关于php如何处理https的更好更详细的解释:
| 归档时间: |
|
| 查看次数: |
16686 次 |
| 最近记录: |